
Sunday, August 12, 2012

List of 170 .gov sites with possible vulnerabilities.


Here is a list of some possibly vulnerable sites.
Dorks: site:gov. +inurl:php?pageid=
Dorks: site:gov. +inurl:php?id=
Dorks: site:gov.   result +inurl:php?id=
Dorks: site:gov.    +inurl:php?item=
Dorks: site:gov.    +inurl:php?  order  =
Dorks: site:gov.    +inurl:php?  list =
Dorks: site:gov.    +inurl:php?home =
Dorks: site:gov.  home  +inurl:php?   *=
Dorks: site:gov.  home  +inurl:pag?   *=


For study purposes only.

11 comments:

  1. Here's the question I'm going to ask; it could help me and help you $. ;P

    Is it possible to place a link on the sites where you find these vulnerabilities? If so, how difficult would it be, and would you be able to do it? And if so, could the links be placed in a way that is integrated with the content, so that they are not noticed and quickly removed?

    Reply right here in the comments; I'll come back and read it soon.

  2. Thanks for the comment,

    I believe it is possible, since on some sites I dig around and see the tables, and I even get access to the user tables.

    However, my dear friend, I don't access the site's interface; I only verify the flaw.
    For the ones above I didn't go into detail: on some I only found the syntax error, on some I use sqlmap from BT5, and others I do manually.
    It's more of a pastime, just to report vulnerabilities.

  3. Would it be possible for you to send updated sites with SQL injection flaws, gov and other regular ones?

    Replies
    1. hahaha SQL injection, my god... hey man, go learn a programming language, you're embarrassing yourself

  4. lol, the links are still working, thanks bro ^^ ... I can use them to practice intrusions. Thanks a lot ><

  5. Great links.
    I'll leave my site for you all ...
    http://www.portaoautomatico-sp.com/
    Thank you

    Replies
    1. http://www.arcoserralheriaesoldas.com.br/pagina.php?id=10&uri=manutencao-portao-automatico-sp

      Look at the vulnerability in this site of yours <>!

  6. Bro, can you clear something up for me: when we have already obtained the admin login, how do we get into the site with the admin login when the site has no login option?

  7. How do I break into a site with sqlmap? I use the BackBox system. I know how breaking into a site full of vulnerabilities works, but I would like to know how the intrusion would work with sqlmap on a site with WAF, IPS, WIF protection. I would be very grateful if you could explain how it works (--level, --risk in sqlmap).

  8. Brute force against the WordPress admin page, also called WBF, is one of the easy ways for a defacer to plant backdoor access on a website. This brute-force attack is still one of the most popular password-cracking techniques used to hack passwords. Previously we made a tutorial on how to do WBF with Termux
